shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-02-22 17:57:46 +03:00
Code Releases Wiki Activity

F #5973: Add OneGate proxy service (#2281)

Browse Source 
* Update install_gems (async.io, etc, rb-inotify)
    - make install_gems script more verbose
    - slightly refactor/simplify update_locks script
    - add async.io, etc and rb-inotify gems
    - update gem locks for: AlmaLinux8/9, CentOS8
    - update gem locks for: Debian10/11, Ubuntu1804/2004/2204

* onegate-proxy:
    - ruby code and default config (169.254.16.9 to avoid conflicts)
    - install.sh script
    - logrotate and systemd onegate-proxy configs
    - onecfg configs
This commit is contained in:
Michal Opala 2022-11-14 20:48:30 +01:00 committed by GitHub
parent 1addd0079d
commit 0d5f9280a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 936 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
install.sh
View File

@ -30,7 +30,7 @@ usage() {
echo
echo "Usage: install.sh [-u install_user] [-g install_group] [-k keep conf]"
echo " [-d ONE_LOCATION] [-c cli|ec2] [-r]"
echo " [-s] [-p] [-G] [-f] [-l] [-e] [-h]"
echo " [-s] [-p] [-G] [-6] [-f] [-l] [-e] [-h]"
echo
echo "-u: user that will run opennebula, defaults to user executing install.sh"
echo "-g: group of the user that will run opennebula, defaults to user"
@ -46,6 +46,7 @@ usage() {
echo "-F: install OpenNebula FireEdge"
echo "-P: do not install OpenNebula FireEdge non-minified files"
echo "-G: install only OpenNebula Gate"
echo "-6: install only OpenNebula Gate Proxy"
echo "-f: install only OpenNebula Flow"
echo "-r: remove Opennebula, only useful if -d was not specified, otherwise"
echo " rm -rf \$ONE_LOCATION would do the job"
@ -55,13 +56,14 @@ usage() {
}
#-------------------------------------------------------------------------------
PARAMETERS=":u:g:d:ehkrlcspFPorlfG"
PARAMETERS=":u:g:d:ehkrlcspFPorlfG6"
INSTALL_ETC="yes"
UNINSTALL="no"
LINK="no"
CLIENT="no"
ONEGATE="no"
ONEGATE_PROXY="no"
SUNSTONE="no"
SUNSTONE_DEV="yes"
FIREEDGE="no"
@ -81,6 +83,7 @@ while getopts $PARAMETERS opt; do
l) LINK="yes" ;;
c) CLIENT="yes"; INSTALL_ETC="no" ;;
G) ONEGATE="yes" ;;
6) ONEGATE_PROXY="yes" ;;
s) SUNSTONE="yes" ;;
p) SUNSTONE_DEV="no" ;;
F) FIREEDGE="yes" ;;
@ -109,6 +112,7 @@ if [ -z "$ROOT" ] ; then
LOG_LOCATION="/var/log/one"
VAR_LOCATION="/var/lib/one"
ONEGATE_LOCATION="$LIB_LOCATION/onegate"
ONEGATE_PROXY_LOCATION="$LIB_LOCATION/onegate-proxy"
SUNSTONE_LOCATION="$LIB_LOCATION/sunstone"
FIREEDGE_LOCATION="$LIB_LOCATION/fireedge"
ONEFLOW_LOCATION="$LIB_LOCATION/oneflow"
@ -151,6 +155,13 @@ if [ -z "$ROOT" ] ; then
DELETE_DIRS="$MAKE_DIRS"
CHOWN_DIRS=""
elif [ "$ONEGATE_PROXY" = "yes" ]; then
MAKE_DIRS="$BIN_LOCATION $LIB_LOCATION $VAR_LOCATION \
$ONEGATE_PROXY_LOCATION $ETC_LOCATION"
DELETE_DIRS="$MAKE_DIRS"
CHOWN_DIRS=""
elif [ "$ONEFLOW" = "yes" ]; then
MAKE_DIRS="$BIN_LOCATION $LIB_LOCATION $VAR_LOCATION $ONEFLOW_LOCATION \
@ -170,7 +181,7 @@ if [ -z "$ROOT" ] ; then
$INCLUDE_LOCATION $SHARE_LOCATION $DOCS_LOCATION \
$LOG_LOCATION $RUN_LOCATION $LOCK_LOCATION \
$SYSTEM_DS_LOCATION $DEFAULT_DS_LOCATION $MAN_LOCATION \
$VM_LOCATION $ONEGATE_LOCATION $ONEFLOW_LOCATION \
$VM_LOCATION $ONEGATE_LOCATION $ONEGATE_PROXY_LOCATION $ONEFLOW_LOCATION \
$SUNSTONE_MAIN_JS_LOCATION $ONEHEM_LOCATION"
DELETE_DIRS="$LIB_LOCATION $ETC_LOCATION $LOG_LOCATION $VAR_LOCATION \
@ -188,6 +199,7 @@ else
RUN_LOCATION="$VAR_LOCATION/run"
LOCK_LOCATION="$VAR_LOCATION/lock"
ONEGATE_LOCATION="$LIB_LOCATION/onegate"
ONEGATE_PROXY_LOCATION="$LIB_LOCATION/onegate-proxy"
SUNSTONE_LOCATION="$LIB_LOCATION/sunstone"
FIREEDGE_LOCATION="$LIB_LOCATION/fireedge"
ONEFLOW_LOCATION="$LIB_LOCATION/oneflow"
@ -210,6 +222,11 @@ else
MAKE_DIRS="$BIN_LOCATION $LIB_LOCATION $VAR_LOCATION \
$ONEGATE_LOCATION $ETC_LOCATION"
DELETE_DIRS="$MAKE_DIRS"
elif [ "$ONEGATE_PROXY" = "yes" ]; then
MAKE_DIRS="$BIN_LOCATION $LIB_LOCATION $VAR_LOCATION \
$ONEGATE_PROXY_LOCATION $ETC_LOCATION"
DELETE_DIRS="$MAKE_DIRS"
elif [ "$SUNSTONE" = "yes" ]; then
MAKE_DIRS="$BIN_LOCATION $LIB_LOCATION $VAR_LOCATION \
@ -234,7 +251,7 @@ else
MAKE_DIRS="$BIN_LOCATION $SBIN_LOCATION $LIB_LOCATION $ETC_LOCATION $VAR_LOCATION \
$INCLUDE_LOCATION $SHARE_LOCATION $SYSTEM_DS_LOCATION \
$DEFAULT_DS_LOCATION $MAN_LOCATION $DOCS_LOCATION \
$VM_LOCATION $ONEGATE_LOCATION $ONEFLOW_LOCATION \
$VM_LOCATION $ONEGATE_LOCATION $ONEGATE_PROXY_LOCATION $ONEFLOW_LOCATION \
$SUNSTONE_MAIN_JS_LOCATION $ONEHEM_LOCATION $LOCK_LOCATION $RUN_LOCATION"
DELETE_DIRS="$MAKE_DIRS"
@ -556,6 +573,8 @@ if [ "$CLIENT" = "yes" ]; then
$ETC_LOCATION"
elif [ "$ONEGATE" = "yes" ]; then
MAKE_DIRS="$MAKE_DIRS $LIB_OCA_CLIENT_DIRS"
elif [ "$ONEGATE_PROXY" = "yes" ]; then
MAKE_DIRS="$MAKE_DIRS $LIB_OCA_CLIENT_DIRS"
elif [ "$SUNSTONE" = "yes" ]; then
if [ "$SUNSTONE_DEV" = "no" ]; then
MAKE_DIRS="$MAKE_DIRS $SUNSTONE_DIRS $SUNSTONE_MINIFIED_DIRS $LIB_OCA_CLIENT_DIRS"
@ -919,6 +938,16 @@ INSTALL_ONEGATE_ETC_FILES=(
ONEGATE_ETC_FILES:$ETC_LOCATION
)
INSTALL_ONEGATE_PROXY_FILES=(
ONEGATE_PROXY_FILES:$ONEGATE_PROXY_LOCATION
ONEGATE_PROXY_BIN_FILES:$BIN_LOCATION
)
INSTALL_ONEGATE_PROXY_ETC_FILES=(
ONEGATE_PROXY_ETC_FILES:$ETC_LOCATION
ONEGATE_PROXY_REMOTES_ETC_FILES:$VAR_LOCATION/remotes/etc
)
INSTALL_ONEFLOW_FILES=(
ONEFLOW_FILES:$ONEFLOW_LOCATION
ONEFLOW_BIN_FILES:$BIN_LOCATION
@ -1016,6 +1045,7 @@ RUBY_LIB_FILES="src/mad/ruby/ActionManager.rb \
src/mad/ruby/OpenNebulaDriver.rb \
src/mad/ruby/VirtualMachineDriver.rb \
src/mad/ruby/PublicCloudDriver.rb \
src/mad/ruby/HostSyncManager.rb \
src/mad/ruby/DriverExecHelper.rb \
src/mad/ruby/ssh_stream.rb \
src/vnm_mad/one_vnm.rb \
@ -2923,6 +2953,18 @@ ONEGATE_BIN_FILES="src/onegate/bin/onegate-server"
ONEGATE_ETC_FILES="src/onegate/etc/onegate-server.conf"
#-----------------------------------------------------------------------------
# OneGateProxy files
#-----------------------------------------------------------------------------
ONEGATE_PROXY_FILES="src/onegate-proxy/onegate-proxy.rb"
ONEGATE_PROXY_BIN_FILES="src/onegate-proxy/bin/onegate-proxy"
ONEGATE_PROXY_ETC_FILES="src/onegate-proxy/etc/onegate-proxy.conf"
ONEGATE_PROXY_REMOTES_ETC_FILES="$ONEGATE_PROXY_ETC_FILES"
#-----------------------------------------------------------------------------
# OneFlow files
#-----------------------------------------------------------------------------
@ -3170,6 +3212,8 @@ if [ "$CLIENT" = "yes" ]; then
INSTALL_SET=${INSTALL_CLIENT_FILES[@]}
elif [ "$ONEGATE" = "yes" ]; then
INSTALL_SET="${INSTALL_ONEGATE_FILES[@]}"
elif [ "$ONEGATE_PROXY" = "yes" ]; then
INSTALL_SET="${INSTALL_ONEGATE_PROXY_FILES[@]}"
elif [ "$SUNSTONE" = "yes" ]; then
if [ "$SUNSTONE_DEV" = "no" ]; then
INSTALL_SET="${INSTALL_SUNSTONE_RUBY_FILES[@]} \
@ -3212,6 +3256,7 @@ else
${INSTALL_SUNSTONE_FILES[@]} ${INSTALL_SUNSTONE_PUBLIC_DEV_DIR[@]}\
${INSTALL_FIREEDGE_FILES[@]} ${INSTALL_FIREEDGE_DEV_DIRS[@]}\
${INSTALL_ONEGATE_FILES[@]} \
${INSTALL_ONEGATE_PROXY_FILES[@]} \
${INSTALL_ONEFLOW_FILES[@]} \
${INSTALL_ONEHEM_FILES[@]} \
${INSTALL_ONEPROVISION_FILES[@]} \
@ -3236,6 +3281,8 @@ if [ "$INSTALL_ETC" = "yes" ] ; then
INSTALL_ETC_SET="${INSTALL_FIREEDGE_ETC_FILES[@]}"
elif [ "$ONEGATE" = "yes" ]; then
INSTALL_ETC_SET="${INSTALL_ONEGATE_ETC_FILES[@]}"
elif [ "$ONEGATE_PROXY" = "yes" ]; then
INSTALL_ETC_SET="${INSTALL_ONEGATE_PROXY_ETC_FILES[@]}"
elif [ "$ONEFLOW" = "yes" ]; then
INSTALL_ETC_SET="${INSTALL_ONEFLOW_ETC_FILES[@]}"
else
@ -3243,6 +3290,7 @@ if [ "$INSTALL_ETC" = "yes" ] ; then
${INSTALL_SUNSTONE_ETC_FILES[@]} \
${INSTALL_FIREEDGE_ETC_FILES[@]} \
${INSTALL_ONEGATE_ETC_FILES[@]} \
${INSTALL_ONEGATE_PROXY_ETC_FILES[@]} \
${INSTALL_ONEHEM_ETC_FILES[@]} \
${INSTALL_ONEFLOW_ETC_FILES[@]}"
fi

2
share/etc/oned.conf
View File

@ -789,7 +789,7 @@ DEFAULT_UMASK = 177
# MUST be consistent with the values in onegate-server.conf
#*******************************************************************************
#ONEGATE_ENDPOINT = "http://frontend:5030"
#ONEGATE_ENDPOINT = "http://169.254.16.9:5030"
#*******************************************************************************
# VM Operations Permissions

49
share/install_gems/AlmaLinux8/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.15.3)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -125,6 +135,7 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nio4r (2.5.8)
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
@ -143,13 +154,15 @@ GEM
rack (2.2.4)
rack-protection (2.2.2)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -157,7 +170,7 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sequel (5.62.0)
sinatra (2.2.2)
mustermann (~> 2.0)
rack (~> 2.2)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

57
share/install_gems/AlmaLinux9/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.16.2)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -124,7 +134,8 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nokogiri (1.13.8)
nio4r (2.5.8)
nokogiri (1.13.9)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
openssl (3.0.1)
@ -139,8 +150,10 @@ GEM
public_suffix (5.0.0)
racc (1.6.0)
rack (2.2.4)
rack-protection (3.0.2)
rack-protection (3.0.3)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
@ -148,7 +161,7 @@ GEM
optimist (~> 3.0)
rchardet (1.8.0)
rexml (3.2.5)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -156,11 +169,11 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sinatra (3.0.2)
sequel (5.62.0)
sinatra (3.0.3)
mustermann (~> 3.0)
rack (~> 2.2, >= 2.2.4)
rack-protection (= 3.0.2)
rack-protection (= 3.0.3)
tilt (~> 2.0)
sqlite3 (1.5.3)
mini_portile2 (~> 2.8.0)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rexml
rotp

49
share/install_gems/CentOS8/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.15.3)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -125,6 +135,7 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nio4r (2.5.8)
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
@ -143,13 +154,15 @@ GEM
rack (2.2.4)
rack-protection (2.2.2)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -157,7 +170,7 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sequel (5.62.0)
sinatra (2.2.2)
mustermann (~> 2.0)
rack (~> 2.2)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

49
share/install_gems/Debian10/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.15.3)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -125,6 +135,7 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nio4r (2.5.8)
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
@ -143,13 +154,15 @@ GEM
rack (2.2.4)
rack-protection (2.2.2)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -157,7 +170,7 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sequel (5.62.0)
sinatra (2.2.2)
mustermann (~> 2.0)
rack (~> 2.2)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

57
share/install_gems/Debian11/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.16.2)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -124,7 +134,8 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nokogiri (1.13.8)
nio4r (2.5.8)
nokogiri (1.13.9)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
openssl (3.0.1)
@ -139,15 +150,17 @@ GEM
public_suffix (5.0.0)
racc (1.6.0)
rack (2.2.4)
rack-protection (3.0.2)
rack-protection (3.0.3)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -155,11 +168,11 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sinatra (3.0.2)
sequel (5.62.0)
sinatra (3.0.3)
mustermann (~> 3.0)
rack (~> 2.2, >= 2.2.4)
rack-protection (= 3.0.2)
rack-protection (= 3.0.3)
tilt (~> 2.0)
sqlite3 (1.5.3)
mini_portile2 (~> 2.8.0)
@ -170,6 +183,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -213,6 +227,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -225,6 +240,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -244,6 +260,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

4
share/install_gems/Gemfile
View File

@ -38,6 +38,10 @@ if ruby_version >= Gem::Version.new('3.0.0')
gem 'rexml'
end
gem 'async-io', '= 1.32.1'
gem 'etc'
gem 'rb-inotify'
################################################################################
# gems groups
################################################################################

49
share/install_gems/Ubuntu1804/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.645.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.160.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.341.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.15.3)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -125,6 +135,7 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nio4r (2.5.8)
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
@ -143,13 +154,15 @@ GEM
rack (2.2.4)
rack-protection (2.2.2)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -157,7 +170,7 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sequel (5.62.0)
sinatra (2.2.2)
mustermann (~> 2.0)
rack (~> 2.2)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

61
share/install_gems/Ubuntu2004/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.641.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.158.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.340.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.16.2)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -124,7 +134,8 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nokogiri (1.13.8)
nio4r (2.5.8)
nokogiri (1.13.9)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
openssl (3.0.1)
@ -133,21 +144,23 @@ GEM
optimist (3.0.1)
ox (2.14.11)
parse-cron (0.1.4)
pg (1.4.3)
pg (1.4.4)
polyglot (0.3.5)
prometheus-client (4.0.0)
public_suffix (5.0.0)
racc (1.6.0)
rack (2.2.4)
rack-protection (3.0.2)
rack-protection (3.0.3)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
nokogiri (~> 1.10)
optimist (~> 3.0)
rchardet (1.8.0)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -155,13 +168,13 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sinatra (3.0.2)
sequel (5.62.0)
sinatra (3.0.3)
mustermann (~> 3.0)
rack (~> 2.2, >= 2.2.4)
rack-protection (= 3.0.2)
rack-protection (= 3.0.3)
tilt (~> 2.0)
sqlite3 (1.5.2)
sqlite3 (1.5.3)
mini_portile2 (~> 2.8.0)
thin (1.8.1)
daemons (~> 1.0, >= 1.0.9)
@ -170,6 +183,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -213,6 +227,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -225,6 +240,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -244,6 +260,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rotp
rqrcode

61
share/install_gems/Ubuntu2204/Gemfile.lock
View File

@ -9,26 +9,32 @@ GEM
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
android_key_attestation (0.3.0)
async (1.30.3)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
async-io (1.32.1)
async (~> 1.14)
augeas (0.6.4)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.641.0)
aws-sdk-cloudwatch (1.67.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-partitions (1.660.0)
aws-sdk-cloudwatch (1.68.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.158.0)
aws-sdk-core (3.167.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-ec2 (1.340.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-ec2 (1.349.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.58.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-kms (1.59.0)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.114.0)
aws-sdk-core (~> 3, >= 3.127.0)
aws-sdk-s3 (1.117.1)
aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
@ -43,13 +49,15 @@ GEM
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.23.0)
ms_rest_azure (~> 0.12.0)
bindata (2.4.12)
bindata (2.4.14)
builder (3.2.4)
cbor (0.5.9.6)
chunky_png (1.4.0)
concurrent-ruby (1.1.10)
configparser (0.1.7)
cose (1.2.1)
console (1.16.2)
fiber-local
cose (1.3.0)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
curb (1.0.1)
@ -57,6 +65,7 @@ GEM
dalli (2.7.11)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
etc (1.3.0)
eventmachine (1.2.7)
faraday (1.10.2)
faraday-em_http (~> 1.0)
@ -91,6 +100,7 @@ GEM
ffi-rzmq-core (>= 1.0.7)
ffi-rzmq-core (1.0.7)
ffi
fiber-local (1.0.0)
git (1.12.0)
addressable (~> 2.8)
rchardet (~> 1.8)
@ -124,7 +134,8 @@ GEM
ruby2_keywords (~> 0.0.1)
mysql2 (0.5.4)
net-ldap (0.17.1)
nokogiri (1.13.8)
nio4r (2.5.8)
nokogiri (1.13.9)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
openssl (3.0.1)
@ -133,14 +144,16 @@ GEM
optimist (3.0.1)
ox (2.14.11)
parse-cron (0.1.4)
pg (1.4.3)
pg (1.4.4)
polyglot (0.3.5)
prometheus-client (4.0.0)
public_suffix (5.0.0)
racc (1.6.0)
rack (2.2.4)
rack-protection (3.0.2)
rack-protection (3.0.3)
rack
rb-inotify (0.10.1)
ffi (~> 1.0)
rbvmomi (3.0.0)
builder (~> 3.2)
json (~> 2.3)
@ -148,7 +161,7 @@ GEM
optimist (~> 3.0)
rchardet (1.8.0)
rexml (3.2.5)
rotp (6.2.0)
rotp (6.2.1)
rqrcode (2.1.2)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
@ -156,13 +169,13 @@ GEM
ruby2_keywords (0.0.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sequel (5.61.0)
sinatra (3.0.2)
sequel (5.62.0)
sinatra (3.0.3)
mustermann (~> 3.0)
rack (~> 2.2, >= 2.2.4)
rack-protection (= 3.0.2)
rack-protection (= 3.0.3)
tilt (~> 2.0)
sqlite3 (1.5.2)
sqlite3 (1.5.3)
mini_portile2 (~> 2.8.0)
thin (1.8.1)
daemons (~> 1.0, >= 1.0.9)
@ -171,6 +184,7 @@ GEM
thread_safe (0.3.6)
tilt (2.0.11)
timeliness (0.3.10)
timers (4.3.5)
tpm-key_attestation (0.11.0)
bindata (~> 2.4)
openssl (> 2.0, < 3.1)
@ -214,6 +228,7 @@ PLATFORMS
DEPENDENCIES
activesupport (~> 4.2)
addressable
async-io (= 1.32.1)
augeas (~> 0.6)
aws-sdk-cloudwatch
aws-sdk-ec2 (>= 1.151)
@ -226,6 +241,7 @@ DEPENDENCIES
configparser
curb
dalli (< 3.0)
etc
faraday_middleware (~> 1.2.0)
ffi-rzmq (~> 2.0.7)
git (~> 1.5)
@ -245,6 +261,7 @@ DEPENDENCIES
prometheus-client
public_suffix
rack
rb-inotify
rbvmomi (~> 3.0.0)
rexml
rotp

2
share/install_gems/install_gems
View File

@ -119,7 +119,7 @@ for GEMFILE in \
"/usr/share/one/Gemfile"
do
if [ -f "${GEMFILE}" ]; then
bundle install --system --gemfile="${GEMFILE}" >/dev/null
bundle install --system --gemfile="${GEMFILE}"
echo 'Successfully done!'
exit 0

2
share/install_gems/update_locks
View File

@ -68,7 +68,7 @@ for DIR in $DIRS; do
echo "--- Platform ${TARGET} (${DOCKER_IMAGE}:${DOCKER_TAG})"
cat - <<EOF | docker run --rm -it -v "${GIT_DIR}:/git:z" "${DOCKER_IMAGE}:${DOCKER_TAG}" bash -c "eval $(cat -)"
docker run --rm -v "${GIT_DIR}:/git:z" -i "${DOCKER_IMAGE}:${DOCKER_TAG}" bash -s <<EOF
set -xe -o pipefail
export LC_ALL=C

11
share/pkgs/logrotate/opennebula-gate-proxy Normal file
View File

@ -0,0 +1,11 @@
/var/log/one/onegate-proxy.log {
delaycompress
dateext
dateformat -%Y%m%d-%s
compress
weekly
rotate 52
missingok
notifempty
copytruncate
}

15
share/pkgs/services/systemd/opennebula-gate-proxy.service Normal file
View File

@ -0,0 +1,15 @@
[Unit]
Description=OpenNebula Gate Proxy Service
After=syslog.target network.target
[Service]
Type=simple
Group=root
User=root
ExecStart=/usr/bin/ruby /usr/lib/one/onegate-proxy/onegate-proxy.rb
Restart=always
RestartSec=5
SyslogIdentifier=opennebula-gate-proxy
[Install]
WantedBy=multi-user.target

22
src/cli/one_helper/onehost_helper.rb
View File

@ -14,6 +14,7 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
require 'HostSyncManager'
require 'one_helper'
require 'one_helper/onevm_helper'
require 'rubygems'
@ -268,12 +269,11 @@ class OneHostHelper < OpenNebulaHelper::OneHelper
cluster_id = options[:cluster]
# Get remote_dir (implies oneadmin group)
rc = OpenNebula::System.new(@client).get_configuration
return -1, rc.message if OpenNebula.is_error?(rc)
conf = rc
remote_dir = conf['SCRIPTS_REMOTE_DIR']
sync_manager = HostSyncManager.new(conf)
# Verify the existence of REMOTES_LOCATION
if !File.directory? REMOTES_LOCATION
@ -363,21 +363,13 @@ class OneHostHelper < OpenNebulaHelper::OneHelper
print_update_info(total - size, total, host['NAME'])
if options[:ssh]
sync_cmd = "ssh #{host['NAME']}" \
" rm -rf '#{remote_dir}' 2>/dev/null;" \
" mkdir -p '#{remote_dir}' 2>/dev/null &&" \
" scp -rp #{REMOTES_LOCATION}/*" \
" #{host['NAME']}:#{remote_dir} 2> /dev/null"
else
sync_cmd = "rsync -Laz --delete #{REMOTES_LOCATION}/" \
" #{host['NAME']}:#{remote_dir}/"
end
retries = 3
begin
`#{sync_cmd} 2>/dev/null`
copy_method = options[:ssh] ? :ssh : :rsync
rc = sync_manager.update_remotes(host['NAME'],
nil,
copy_method)
rescue IOError
# Workaround for broken Ruby 2.5
# https://github.com/OpenNebula/one/issues/3229
@ -387,7 +379,7 @@ class OneHostHelper < OpenNebulaHelper::OneHelper
end
end
if $CHILD_STATUS.nil? || !$CHILD_STATUS.success?
if rc != 0
error_lock.synchronize do
host_errors << host['NAME']
end

50
src/im_mad/im_exec/one_im_exec.rb
View File

@ -52,6 +52,7 @@ end
$LOAD_PATH << RUBY_LIB_LOCATION
require 'HostSyncManager'
require 'OpenNebulaDriver'
require 'getoptlong'
require 'zlib'
@ -76,6 +77,8 @@ class InformationManagerDriver < OpenNebulaDriver
# register actions
register_action(:START_MONITOR, method('start_monitor'))
register_action(:STOP_MONITOR, method('stop_monitor'))
@sync_manager = HostSyncManager.new
end
def start_monitor(_not_used, _hostid, _timestamp, zaction64)
@ -84,10 +87,16 @@ class InformationManagerDriver < OpenNebulaDriver
return if rc == -1
if !action_is_local?(:START_MONITOR)
rc = update_remotes(:START_MONITOR, input[:host_id],
input[:hostname])
rc = @sync_manager.update_remotes(input[:hostname],
log_method(input[:host_id]))
return if rc == -1
if rc != 0
write_respond(:START_MONITOR,
RESULT[:failure],
input[:host_id],
'Could not update remotes')
return
end
end
result, info = do_action(input[:im_mad],
@ -150,41 +159,6 @@ class InformationManagerDriver < OpenNebulaDriver
[-1, {}]
end
def update_remotes(action, hostid, hostname)
# Recreate dir for remote scripts
mkdir_cmd = "mkdir -p #{@remote_scripts_base_path}"
cmd = SSHCommand.run(mkdir_cmd, hostname, log_method(hostid))
if cmd.code != 0
write_respond(action,
RESULT[:failure],
hostid,
'Could not update remotes')
return -1
end
# Use SCP to sync:
#sync_cmd = "scp -r #{@local_scripts_base_path}/* " \
# "#{hostname}:#{@remote_scripts_base_path}"
# Use rsync to sync:
sync_cmd = "rsync -Laz --delete #{@local_scripts_base_path}/" \
" #{hostname}:#{@remote_scripts_base_path}/"
cmd = LocalCommand.run(sync_cmd, log_method(hostid))
if cmd.code != 0
write_respond(action,
RESULT[:failure],
hostid,
'Could not update remotes')
return -1
end
0
end
# Sends a log message to ONE. The +message+ can be multiline, it will
# be automatically splitted by lines.
def log(id, message, not_used=true)

90
src/mad/ruby/HostSyncManager.rb Normal file
View File

@ -0,0 +1,90 @@
# -------------------------------------------------------------------------- #
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
# -------------------------------------------------------------------------- #
# rubocop:disable Lint/MissingCopEnableDirective
# rubocop:disable Layout/FirstArgumentIndentation
# rubocop:disable Layout/FirstHashElementIndentation
# rubocop:disable Layout/HashAlignment
# rubocop:disable Layout/HeredocIndentation
# rubocop:disable Layout/IndentationWidth
# rubocop:disable Style/HashSyntax
# rubocop:disable Style/ParallelAssignment
require 'CommandManager'
# This helper module introduces a common routine that synchronizes
# the "remotes".
class HostSyncManager
def initialize(one_config = nil)
one_location = ENV['ONE_LOCATION']&.delete("'")
if one_location.nil?
@one_config_path = '/var/lib/one/config'
@local_scripts_base_path = '/var/lib/one/remotes'
else
@one_config_path = one_location + '/var/config'
@local_scripts_base_path = one_location + '/var/remotes'
end
# Do a simple parsing of the config file unless the values
# are already provided. NOTE: We don't care about "arrays" here..
one_config ||= File.read(@one_config_path).lines.each_with_object({}) \
do |line, object|
key, value = line.split('=').map(&:strip)
object[key.upcase] = value
end
@remote_scripts_base_path = one_config['SCRIPTS_REMOTE_DIR']
@remote_scripts_base_path&.delete!("'")
end
def update_remotes(hostname, logger = nil, copy_method = :rsync)
assemble_cmd = lambda do |steps|
"exec 2>/dev/null; #{steps.join(' && ')}"
end
case copy_method
when :ssh
mkdir_cmd = assemble_cmd.call [
"rm -rf '#{@remote_scripts_base_path}'/",
"mkdir -p '#{@remote_scripts_base_path}'/"
]
sync_cmd = assemble_cmd.call [
"scp -rp '#{@local_scripts_base_path}'/* " \
"'#{hostname}':'#{@remote_scripts_base_path}'/"
]
when :rsync
mkdir_cmd = assemble_cmd.call [
"mkdir -p '#{@remote_scripts_base_path}'/"
]
sync_cmd = assemble_cmd.call [
"rsync -Laz --delete '#{@local_scripts_base_path}'/ " \
"'#{hostname}':'#{@remote_scripts_base_path}'/"
]
end
cmd = SSHCommand.run(mkdir_cmd, hostname, logger)
return cmd.code if cmd.code != 0
cmd = LocalCommand.run(sync_cmd, logger)
return cmd.code if cmd.code != 0
0
end
end

6
src/onecfg/share/etc/files.yaml
View File

@ -320,6 +320,12 @@
group: oneadmin
mode: '0640'
- name: /var/lib/one/remotes/etc/onegate-proxy.conf
class: Yaml
owner: oneadmin
group: oneadmin
mode: '0640'
- name: /var/lib/one/remotes/etc/tm/fs_lvm/fs_lvm.conf
class: Augeas::Shell
owner: oneadmin

122
src/onegate-proxy/bin/onegate-proxy Executable file
View File

@ -0,0 +1,122 @@
#!/bin/bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
if [ -z "$ONE_LOCATION" ]; then
ONEGATE_PROXY_PID=/var/run/one/onegate-proxy.pid
ONEGATE_PROXY_SERVER=/usr/lib/one/onegate-proxy/onegate-proxy.rb
ONEGATE_PROXY_LOCK_FILE=/var/lock/one/.onegate-proxy.lock
ONEGATE_PROXY_LOG=/var/log/one/onegate-proxy.log
ONEGATE_PROXY_LOG_ERROR=/var/log/one/onegate-proxy.error
ONEGATE_PROXY_CONF=/etc/one/onegate-proxy.conf
else
ONEGATE_PROXY_PID=$ONE_LOCATION/var/onegate-proxy.pid
ONEGATE_PROXY_SERVER=$ONE_LOCATION/lib/onegate-proxy/onegate-proxy.rb
ONEGATE_PROXY_LOCK_FILE=$ONE_LOCATION/var/.onegate-proxy.lock
ONEGATE_PROXY_LOG=$ONE_LOCATION/var/onegate-proxy.log
ONEGATE_PROXY_LOG_ERROR=$ONE_LOCATION/var/onegate-proxy.error
ONEGATE_PROXY_CONF=$ONE_LOCATION/etc/onegate-proxy.conf
fi
setup()
{
if [ -f $ONEGATE_PROXY_LOCK_FILE ]; then
if [ -f $ONEGATE_PROXY_PID ]; then
ONEGATEPID=`cat $ONEGATE_PROXY_PID`
ps $ONEGATEPID &> /dev/null
if [ $? -eq 0 ]; then
echo -n "OneGate Server is still running (PID:$ONEGATEPID). Please "
echo "try 'onegate-proxy stop' first."
exit 1
fi
fi
echo "Stale .lock detected. Erasing it."
rm $ONEGATE_PROXY_LOCK_FILE
fi
}
start()
{
if [ ! -f "$ONEGATE_PROXY_SERVER" ]; then
echo "Cannot find $ONEGATE_PROXY_SERVER."
exit 1
fi
# Start the onegate daemon
touch $ONEGATE_PROXY_LOCK_FILE
ruby $ONEGATE_PROXY_SERVER > $ONEGATE_PROXY_LOG 2>$ONEGATE_PROXY_LOG_ERROR &
LASTPID=$!
if [ $? -ne 0 ]; then
echo "Error executing onegate-proxy."
echo "Check $ONEGATE_PROXY_LOG_ERROR and $ONEGATE_PROXY_LOG for more information"
exit 1
else
echo $LASTPID > $ONEGATE_PROXY_PID
fi
sleep 1
ps $LASTPID &> /dev/null
if [ $? -ne 0 ]; then
echo "Error executing onegate-proxy."
echo "Check $ONEGATE_PROXY_LOG_ERROR and $ONEGATE_PROXY_LOG for more information"
exit 1
fi
echo "onegate-proxy started"
}
#
# Function that stops the daemon/service
#
stop()
{
if [ ! -f $ONEGATE_PROXY_PID ]; then
echo "Couldn't find onegate-proxy process pid."
exit 1
fi
# Kill the onegate daemon
kill -INT `cat $ONEGATE_PROXY_PID` &> /dev/null
# Remove pid files
rm -f $ONEGATE_PROXY_LOCK_FILE &> /dev/null
rm -f $ONEGATE_PROXY_PID &> /dev/null
echo "onegate-proxy stopped"
}
case "$1" in
start)
setup
start
;;
stop)
stop
;;
restart)
stop
setup
start
;;
*)
echo "Usage: onegate-proxy {start|stop|restart}" >&2
exit 3
;;
esac

27
src/onegate-proxy/etc/onegate-proxy.conf Normal file
View File

@ -0,0 +1,27 @@
# -------------------------------------------------------------------------- #
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
# Log debug level: 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG
#:debug_level: 2
#:process_owner: 'oneadmin'
# The address and port are supposed to be provided during onehost sync
# operation inside the '/var/tmp/one/etc/onegate-proxy.conf' file.
#:onegate_addr: 'localhost'
#:onegate_port: '5030'
#:service_addr: '169.254.16.9'

303
src/onegate-proxy/onegate-proxy.rb Normal file
View File

@ -0,0 +1,303 @@
#!/usr/bin/env ruby
# -------------------------------------------------------------------------- #
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
# frozen_string_literal: true
# rubocop:disable Lint/MissingCopEnableDirective
# rubocop:disable Lint/RedundantRequireStatement
# rubocop:disable Layout/FirstHashElementIndentation
# rubocop:disable Layout/HashAlignment
# rubocop:disable Layout/HeredocIndentation
# rubocop:disable Layout/IndentationWidth
# rubocop:disable Style/HashSyntax
# rubocop:disable Style/ParallelAssignment
ONE_LOCATION = ENV['ONE_LOCATION']
if !ONE_LOCATION
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
GEMS_LOCATION = '/usr/share/one/gems'
ETC_LOCATION = '/etc/one'
REMOTES_LOCATION = '/var/tmp/one'
else
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
GEMS_LOCATION = ONE_LOCATION + '/share/gems'
ETC_LOCATION = ONE_LOCATION + '/etc'
REMOTES_LOCATION = ONE_LOCATION + '/var/remotes'
end
CONFIGURATION_FILE = ETC_LOCATION + '/onegate-proxy.conf'
DYNAMIC_CONFIGURATION_FILE = REMOTES_LOCATION + '/etc/onegate-proxy.conf'
# %%RUBYGEMS_SETUP_BEGIN%%
if File.directory?(GEMS_LOCATION)
real_gems_path = File.realpath(GEMS_LOCATION)
if !defined?(Gem) || Gem.path != [real_gems_path]
$LOAD_PATH.reject! {|p| p =~ /vendor_ruby/ }
# Suppress warnings from Rubygems
# https://github.com/OpenNebula/one/issues/5379
begin
verb = $VERBOSE
$VERBOSE = nil
require 'rubygems'
Gem.use_paths(real_gems_path)
ensure
$VERBOSE = verb
end
end
end
# %%RUBYGEMS_SETUP_END%%
$LOAD_PATH << RUBY_LIB_LOCATION
require 'async/io'
require 'async/io/stream'
require 'async/io/trap'
require 'etc'
require 'pp'
require 'rb-inotify'
require 'socket'
require 'yaml'
$stdout.sync = true
$stderr.sync = true
DEFAULT_OPTIONS = {
:debug_level => 2, # 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG
:process_owner => 'oneadmin',
:onegate_addr => '127.0.0.1',
:onegate_port => '5030',
:service_addr => '169.254.16.9'
}.freeze
# Proxy-class for converting log levels between OpenNebula and
# the socketry/console library. It also splits specific log levels
# into separate stdout and stderr loggers.
class Logger
LOG_LEVEL_MAP = {
0 => '3', # ERROR
1 => '2', # WARN
2 => '1', # INFO
3 => '0' # DEBUG
}.freeze
def initialize(log_level = 2)
@out = Console::Logger.default_logger $stdout, {
'CONSOLE_LEVEL' => LOG_LEVEL_MAP[log_level]
}
@err = Console::Logger.default_logger $stderr, {
'CONSOLE_LEVEL' => LOG_LEVEL_MAP[log_level]
}
end
def error(*args, &block)
@err.error(*args, &block)
end
def warn(*args, &block)
@err.warn(*args, &block)
end
def info(*args, &block)
@out.info(*args, &block)
end
def debug(*args, &block)
@err.debug(*args, &block)
end
end
# Class that implements a classic two-way TCP socket proxy (async).
class OneGateProxy
def initialize(options = {})
@options = DEFAULT_OPTIONS.dup.merge! options
@options.each {|k, v| instance_variable_set("@#{k}", v) }
@logger = Logger.new options[:debug_level]
@sigint = Async::IO::Trap.new :INT
@sigint.install!
@inotify = setup_inotify
@inotify_io = Async::IO::Generic.new @inotify.to_io
@proxy_ep = Async::IO::Endpoint.socket setup_socket
end
def run
# NOTE: At this point all config should be set in stone,
# we can drop root privileges..
drop_privileges
Async do |task|
# Make CTRL-C work..
task.async do
@sigint.wait { exit 0 }
end
# Handle filesystem notifications..
task.async do
@inotify.process while @inotify_io.wait_readable
end
glue_peers task
end
end
private
def drop_privileges
new_gid, new_uid = Etc.getpwnam(@process_owner).gid,
Etc.getpwnam(@process_owner).uid
@logger.info(self) do
"Drop root privileges -> #{@process_owner}"
end
Process::Sys.setgid new_gid
Process::Sys.setuid new_uid
end
def setup_inotify
inotify = INotify::Notifier.new
inotify.watch(DYNAMIC_CONFIGURATION_FILE, :modify) do
@logger.info(self) do
"#{DYNAMIC_CONFIGURATION_FILE} has been just updated, exiting.."
end
# We assume here that the service will be restarted by
# the service manager.
exit 0
end
inotify
end
def setup_service_addr
# NOTE: We need the service_addr to be defined on one of the interfaces
# inside the host, one natural choice is the loopback interface (lo).
# Effectively we set it once, subsequent restarts of the service should
# honor the idempotence.
ip_address_add_cmd = lambda do |cidr_host, nic_device|
check = "[ -n \"$(ip a s to '#{cidr_host}' dev '#{nic_device}')\" ]"
apply = "ip a a '#{cidr_host}' dev '#{nic_device}'"
"#{check.strip} >/dev/null 2>&1 || #{apply.strip}"
end
system ip_address_add_cmd.call "#{@service_addr}/32", 'lo'
end
def setup_socket(listen = Socket::SOMAXCONN)
# NOTE: Must be executed before calling bind(), otherwise it fails..
setup_service_addr
sock = Socket.new Socket::AF_INET, Socket::SOCK_STREAM, 0
sock.setsockopt Socket::SOL_SOCKET, Socket::SO_REUSEADDR, 1
@logger.info(self) do
"Bind #{Addrinfo.tcp(@service_addr, @onegate_port).inspect}"
end
sock.bind Socket.pack_sockaddr_in(@onegate_port, @service_addr)
sock.listen listen
sock
end
def glue_streams(stream1, stream2, task)
Async do
concurrent = []
concurrent << task.async do
while (chunk = stream1.read_partial)
stream2.write chunk
stream2.flush
end
end
concurrent << task.async do
while (chunk = stream2.read_partial)
stream1.write chunk
stream1.flush
end
end
concurrent.each(&:wait)
end
end
def glue_peers(task)
@proxy_ep.accept do |vm_peer|
@logger.debug(self) do
"Accept #{vm_peer.remote_address.inspect}"
end
begin
gate_ep = Async::IO::Endpoint.tcp @onegate_addr,
@onegate_port
gate_ep.connect do |gate_peer|
vm_stream, gate_stream = Async::IO::Stream.new(vm_peer),
Async::IO::Stream.new(gate_peer)
glue_streams(vm_stream, gate_stream, task).wait
@logger.debug(self) do
"Close #{gate_peer.remote_address.inspect}"
end
gate_peer.close
end
rescue Errno::ECONNREFUSED,
Errno::ECONNRESET,
Errno::EHOSTUNREACH,
Errno::ETIMEDOUT => e
@logger.error(self) do
e.message
end
end
@logger.debug(self) do
"Close #{vm_peer.remote_address.inspect}"
end
vm_peer.close
end
end
end
if caller.empty?
# NOTE: The "DYNAMIC_CONFIGURATION_FILE" is copied during the host
# sync procedure and should just contain OneGate's address and port.
# Contacting OpenNebula's API in this simple service looks like
# an overkill..
options = DEFAULT_OPTIONS.dup
[CONFIGURATION_FILE, DYNAMIC_CONFIGURATION_FILE].each do |path|
options.merge!(YAML.load_file(path) || {}) if File.exist?(path)
rescue StandardError => e
warn "Error parsing config file #{path}: #{e.message}"
exit 1
end
puts <<~HEADER
--------------------------------------
Proxy configuration
--------------------------------------
#{options.pretty_inspect.strip}
--------------------------------------
HEADER
service = OneGateProxy.new options
service.run
end